diff options
Diffstat (limited to 'meta-networking/recipes-connectivity/samba/samba/CVE-2018-14628-0005.patch')
| -rw-r--r-- | meta-networking/recipes-connectivity/samba/samba/CVE-2018-14628-0005.patch | 98 |
1 files changed, 98 insertions, 0 deletions
diff --git a/meta-networking/recipes-connectivity/samba/samba/CVE-2018-14628-0005.patch b/meta-networking/recipes-connectivity/samba/samba/CVE-2018-14628-0005.patch new file mode 100644 index 0000000000..b0a8ef2535 --- /dev/null +++ b/meta-networking/recipes-connectivity/samba/samba/CVE-2018-14628-0005.patch @@ -0,0 +1,98 @@ +From 46a168c9a89e82ccaf8d27669d1ae5459f7becb9 Mon Sep 17 00:00:00 2001 +From: Stefan Metzmacher <metze@samba.org> +Date: Fri, 29 Jan 2016 23:33:37 +0100 +Subject: [PATCH] CVE-2018-14628: python:provision: make + DELETEDOBJECTS_DESCRIPTOR available in the ldif files + +BUG: https://bugzilla.samba.org/show_bug.cgi?id=13595 + +Signed-off-by: Stefan Metzmacher <metze@samba.org> +Reviewed-by: Andrew Bartlett <abartlet@samba.org> +(cherry picked from commit 0c329a0fda37d87ed737e4b579b6d04ec907604c) + +CVE: CVE-2018-14628 + +Upstream-Status: Backport +[https://github.com/samba-team/samba/commit/46a168c9a89e82ccaf8d27669d1ae5459f7becb9] + +Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com> +--- + python/samba/provision/__init__.py | 5 +++++ + python/samba/provision/sambadns.py | 4 ++++ + 2 files changed, 9 insertions(+) + +diff --git a/python/samba/provision/__init__.py b/python/samba/provision/__init__.py +index e8903ad..0c52cc1 100644 +--- a/python/samba/provision/__init__.py ++++ b/python/samba/provision/__init__.py +@@ -79,6 +79,7 @@ from samba.provision.backend import ( + LDBBackend, + ) + from samba.descriptor import ( ++ get_deletedobjects_descriptor, + get_empty_descriptor, + get_config_descriptor, + get_config_partitions_descriptor, +@@ -1441,6 +1442,8 @@ def fill_samdb(samdb, lp, names, logger, policyguid, + msg["subRefs"] = ldb.MessageElement(names.configdn, ldb.FLAG_MOD_ADD, + "subRefs") + ++ deletedobjects_descr = b64encode(get_deletedobjects_descriptor(names.domainsid)).decode('utf8') ++ + samdb.invocation_id = invocationid + + # If we are setting up a subdomain, then this has been replicated in, so we don't need to add it +@@ -1472,6 +1475,7 @@ def fill_samdb(samdb, lp, names, logger, policyguid, + "FOREST_FUNCTIONALITY": str(forestFunctionality), + "DOMAIN_FUNCTIONALITY": str(domainFunctionality), + "NTDSQUOTAS_DESCRIPTOR": ntdsquotas_descr, ++ "DELETEDOBJECTS_DESCRIPTOR": deletedobjects_descr, + "LOSTANDFOUND_DESCRIPTOR": protected1wd_descr, + "SERVICES_DESCRIPTOR": protected1_descr, + "PHYSICALLOCATIONS_DESCRIPTOR": protected1wd_descr, +@@ -1536,6 +1540,7 @@ def fill_samdb(samdb, lp, names, logger, policyguid, + "RIDAVAILABLESTART": str(next_rid + 600), + "POLICYGUID_DC": policyguid_dc, + "INFRASTRUCTURE_DESCRIPTOR": infrastructure_desc, ++ "DELETEDOBJECTS_DESCRIPTOR": deletedobjects_descr, + "LOSTANDFOUND_DESCRIPTOR": lostandfound_desc, + "SYSTEM_DESCRIPTOR": system_desc, + "BUILTIN_DESCRIPTOR": builtin_desc, +diff --git a/python/samba/provision/sambadns.py b/python/samba/provision/sambadns.py +index 8a5d8a9..61beb16 100644 +--- a/python/samba/provision/sambadns.py ++++ b/python/samba/provision/sambadns.py +@@ -41,6 +41,7 @@ from samba.dsdb import ( + DS_DOMAIN_FUNCTION_2016 + ) + from samba.descriptor import ( ++ get_deletedobjects_descriptor, + get_domain_descriptor, + get_domain_delete_protected1_descriptor, + get_domain_delete_protected2_descriptor, +@@ -245,6 +246,7 @@ def setup_dns_partitions(samdb, domainsid, domaindn, forestdn, configdn, + domainzone_dn = "DC=DomainDnsZones,%s" % domaindn + forestzone_dn = "DC=ForestDnsZones,%s" % forestdn + descriptor = get_dns_partition_descriptor(domainsid) ++ deletedobjects_desc = get_deletedobjects_descriptor(domainsid) + + setup_add_ldif(samdb, setup_path("provision_dnszones_partitions.ldif"), { + "ZONE_DN": domainzone_dn, +@@ -268,6 +270,7 @@ def setup_dns_partitions(samdb, domainsid, domaindn, forestdn, configdn, + "ZONE_DNS": domainzone_dns, + "CONFIGDN": configdn, + "SERVERDN": serverdn, ++ "DELETEDOBJECTS_DESCRIPTOR": b64encode(deletedobjects_desc).decode('utf8'), + "LOSTANDFOUND_DESCRIPTOR": b64encode(protected2_desc).decode('utf8'), + "INFRASTRUCTURE_DESCRIPTOR": b64encode(protected1_desc).decode('utf8'), + }) +@@ -288,6 +291,7 @@ def setup_dns_partitions(samdb, domainsid, domaindn, forestdn, configdn, + "ZONE_DNS": forestzone_dns, + "CONFIGDN": configdn, + "SERVERDN": serverdn, ++ "DELETEDOBJECTS_DESCRIPTOR": b64encode(deletedobjects_desc).decode('utf8') + "LOSTANDFOUND_DESCRIPTOR": b64encode(protected2_desc).decode('utf8'), + "INFRASTRUCTURE_DESCRIPTOR": b64encode(protected1_desc).decode('utf8'), + }) +-- +2.40.0 |